Windows update through SCVMM fails.

Geraniou Constantinos 25 Reputation points
2024-01-25T09:20:36.1+00:00

We have a set of HyperV servers which are managed by SCVMM and periodically need to be updated. SCVMM is also connected to an SCCM/WSUS server which deploys the updates to the machines.

However when trying to apply the updates using the remediation process of SCVMM most of the machines even though they appear as non compliant fail to update and display error 80240022 in SCVMM. Checking at the Windows update log which is created running the Get-WindowsUpdateLog command in powershell during the process many errors occur (including the number reported in SCVMM). I can attach the log if needed , examples

FAILED [80246007] Method failed [CAgentUpdateManager::InstallUpdate:11739]

FAILED [8024000C] LoadHistoryEventFromRegistry completed

FAILED [80240013] m_services.Add()

Manually checking for updates and installing also does not work with similar results.

Updating through the SCCM software center seems to work but this is not desirable because SCVMM remediation cannnot be automated by this way.

However I discovered that in case I delete the following key in the registry

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate UpdateServiceUrlAlternate [http://localhost:8005]

the process completes succesfully. This seems to be an option that SCCM using using in order to deploy and its update packages.

So the question is :

Is there a way to deploy the updates using SCCM and then SCVMM uses them to remediate? Or is there a way to bypass SCCM updates for the Machines that SCVMM updates?

System Center Virtual Machine Manager
Microsoft Security | Intune | Configuration Manager | Updates
Windows for business | Windows Server | User experience | Other
0 comments No comments
{count} votes

Accepted answer
  1. XinGuo-MSFT 22,231 Reputation points
    2024-01-26T07:53:12.0333333+00:00

    Hi,

    Or is there a way to bypass SCCM updates for the Machines that SCVMM updates?

    I recommend you create a device collection with HyperV servers in SCCM. and deploy a client settings without control software update setting to this collection to bypass SCCM updates.


1 additional answer

Sort by: Most helpful
  1. XinGuo-MSFT 22,231 Reputation points
    2024-01-30T07:16:40.17+00:00

    After investigating this for a while, I found that port 8005 is controlled by delta download.

    • Navigate \Administration\Overview*Client Settings*
    • Open the Client Settings policy (or Default Client Settings)
    • Scroll down to the Software Updates tab.
    • Check the settings
      • Allow Clients to Download Delta Content when the option is available -> No
      • Port that clients use to receive requests for data content -> 8005
      SCCM Delta Download is Enabled Ignoring Client Policy 1 https://www.anoopcnair.com/sccm-delta-download-is-enabled-ignoring-policy/

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.